Dirty Frag, a critical Linux kernel zero-day vulnerability with no patch and giving hackers root, has gone public after an embargo was broken. Here’s the workaround.

A vulnerability tracked as CVE-2025-6965 has been entered into the National Vulnerability Database, the federal registry ...

Microsoft has confirmed an emergency security update as CISA warns that two new Defender zero-days are being exploited by ...

Microsoft is facing an onslaught of criticism from the cybersecurity community after the company said it would seek criminal prosecution against a disgruntled security researcher who published several ...

Google says hackers used AI to help build a zero-day exploit targeting 2FA, raising concerns about AI-assisted hacking.

Update 10/6/25 11:15 AM ET: Updated story with more information on the leaked Oracle source code and the leaking of the exploit. Oracle is warning about a critical E-Business Suite zero-day ...

Cybersecurity firm Kaspersky has detailed more of its findings on the distribution of malware through a zero-day exploit it uncovered in Google Chrome earlier this year. The exploit was executed ...

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYSTEM privileges on fully patched Windows ...

Chinese state hackers and spyware vendors are fueling a rise in zero-day attacks, which increasingly target enterprise software and devices — security and networking products in particular. Google ...

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over systems, with no patch yet available. Attackers have been exploiting a ...